{"vulnerability": "CVE-2024-1348", "sightings": [{"uuid": "816f9201-da9e-4a9d-b72a-32e9604f7fca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13484", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113907275874599319", "content": "", "creation_timestamp": "2025-01-28T17:58:16.228789Z"}, {"uuid": "60b034a4-1f9d-45f0-b341-6dd55c9128c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13480", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113990650279768242", "content": "", "creation_timestamp": "2025-02-12T11:21:28.330127Z"}, {"uuid": "fa5bb6d8-3197-45fd-9402-e0d6a632a33f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13480", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhy5nszg2e2d", "content": "", "creation_timestamp": "2025-02-12T12:16:01.306812Z"}, {"uuid": "11e7eadc-e4ac-42f3-8843-f1a69166303f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13480", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhyemc2s3i2v", "content": "", "creation_timestamp": "2025-02-12T14:20:27.365056Z"}, {"uuid": "60626d94-4426-4844-b1b2-580a1c95ed0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13489", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijk6qpfzh2h", "content": "", "creation_timestamp": "2025-02-19T10:15:29.993468Z"}, {"uuid": "b36c0e46-84c1-46e1-b7fa-b7a907507e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13481", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijqvtceac2k", "content": "", "creation_timestamp": "2025-02-19T12:15:46.695666Z"}, {"uuid": "85c556dc-0199-46d9-b438-fa81663f66b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13483", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijqvvfth52p", "content": "", "creation_timestamp": "2025-02-19T12:15:48.927847Z"}, {"uuid": "863efd09-428b-4a69-a3e6-3d885a10834a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13485", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijqvy3w2z2o", "content": "", "creation_timestamp": "2025-02-19T12:15:51.687308Z"}, {"uuid": "ba17a819-8383-4938-b81f-e0b1b3a227bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13481", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lijxnk45ky2a", "content": "", "creation_timestamp": "2025-02-19T14:16:26.217342Z"}, {"uuid": "45c295d3-0e3c-4596-a58d-00d7a7fb82fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13489", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lijxnkn7hq2a", "content": "", "creation_timestamp": "2025-02-19T14:16:29.240584Z"}, {"uuid": "55930626-548b-4cf9-bc4b-ea9b8f8d5947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13485", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lijxnktump2e", "content": "", "creation_timestamp": "2025-02-19T14:16:30.381295Z"}, {"uuid": "83196934-e0fe-4d2c-87f2-7d656e0412bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13483", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lijxnkx6522v", "content": "", "creation_timestamp": "2025-02-19T14:16:30.937081Z"}, {"uuid": "58c606fa-554c-4603-9c42-82a84a0f7de6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13481", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmuxy2dxfl2h", "content": "", "creation_timestamp": "2025-04-15T21:02:31.302466Z"}, {"uuid": "6e3108c9-75c4-4d0c-be80-326a4a05a4b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13483", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmuxy2g7o32h", "content": "", "creation_timestamp": "2025-04-15T21:02:32.074587Z"}, {"uuid": "8fb833ae-943c-448f-85c2-b0fc2cd4d29c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13485", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmuxy2imyk27", "content": "", "creation_timestamp": "2025-04-15T21:02:32.605258Z"}, {"uuid": "e9c7fe8b-e887-4978-a578-818b84425062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4558", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13488\n\ud83d\udd25 CVSS Score: 7.5 (CVSS_V3)\n\ud83d\udd39 Description: The LTL Freight Quotes \u2013 Estes Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n\ud83d\udccf Published: 2025-02-15T12:30:50Z\n\ud83d\udccf Modified: 2025-02-15T12:30:50Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13488\n2. https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-estes-edition/trunk/warehouse-dropship/wild/includes/wild-delivery-save.php#L250\n3. https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-estes-edition/trunk/warehouse-dropship/wild/includes/wild-delivery-save.php#L364\n4. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3239967%40ltl-freight-quotes-estes-edition&new=3239967%40ltl-freight-quotes-estes-edition&sfp_email=&sfph_mail=\n5. https://www.wordfence.com/threat-intel/vulnerabilities/id/b77b064d-ab8c-4e84-b5cc-efbdeefbf502?source=cve", "creation_timestamp": "2025-02-15T13:11:17.000000Z"}, {"uuid": "f2b57ec9-1789-4b69-a79d-2af42acff055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4562", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13488\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-15T12:15:30.457\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-estes-edition/trunk/warehouse-dropship/wild/includes/wild-delivery-save.php#L250\n2. https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-estes-edition/trunk/warehouse-dropship/wild/includes/wild-delivery-save.php#L364\n3. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3239967%40ltl-freight-quotes-estes-edition&new=3239967%40ltl-freight-quotes-estes-edition&sfp_email=&sfph_mail=\n4. https://www.wordfence.com/threat-intel/vulnerabilities/id/b77b064d-ab8c-4e84-b5cc-efbdeefbf502?source=cve", "creation_timestamp": "2025-02-15T13:11:24.000000Z"}, {"uuid": "7ff2c488-efe4-48d0-83e2-2ac15253bacd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "Telegram/TSPaujDXvhjZkIvQuJ395bqkeJVYbAkw3UAWjBgIE6wSCZVY", "content": "", "creation_timestamp": "2025-03-02T11:45:39.000000Z"}, {"uuid": "59ce2e4d-2827-42b7-8b2d-5535a594abc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13484", "type": "seen", "source": "https://t.me/cvedetector/16626", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13484 - ArgoCD Cluster-Wide PrometheusRule Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13484 \nPublished : Jan. 28, 2025, 6:15 p.m. | 1\u00a0hour, 19\u00a0minutes ago \nDescription : A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-28T21:17:56.000000Z"}, {"uuid": "7002a22a-d2c6-44e8-9472-54ebc5ea9bcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13483", "type": "published-proof-of-concept", "source": "Telegram/fqLvqvawPy0wHjcP9KYWuU804CLssO4ItWzY6I4Zad418gc", "content": "", "creation_timestamp": "2025-02-20T22:00:06.000000Z"}, {"uuid": "71384d1b-0964-4cbc-bf51-ce7cba089dea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13481", "type": "published-proof-of-concept", "source": "Telegram/fqLvqvawPy0wHjcP9KYWuU804CLssO4ItWzY6I4Zad418gc", "content": "", "creation_timestamp": "2025-02-20T22:00:06.000000Z"}, {"uuid": "62a206a7-89b5-4218-aef4-b0b7306adc5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13485", "type": "published-proof-of-concept", "source": "Telegram/fqLvqvawPy0wHjcP9KYWuU804CLssO4ItWzY6I4Zad418gc", "content": "", "creation_timestamp": "2025-02-20T22:00:06.000000Z"}, {"uuid": "7bd0c5e1-3ded-49d3-ac1f-44f4a445a492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "published-proof-of-concept", "source": "Telegram/fqLvqvawPy0wHjcP9KYWuU804CLssO4ItWzY6I4Zad418gc", "content": "", "creation_timestamp": "2025-02-20T22:00:06.000000Z"}, {"uuid": "c9866ad8-1438-4ab3-ab30-4cfc286e21de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13489", "type": "published-proof-of-concept", "source": "Telegram/fqLvqvawPy0wHjcP9KYWuU804CLssO4ItWzY6I4Zad418gc", "content": "", "creation_timestamp": "2025-02-20T22:00:06.000000Z"}, {"uuid": "98255d48-5e8e-4d04-83d5-fbae7d00db4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13484", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgt2rpizkh2c", "content": "", "creation_timestamp": "2025-01-28T18:16:00.615799Z"}, {"uuid": "311f69be-8f0b-4ae8-849a-444646fa6277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13484", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113907945349376508", "content": "", "creation_timestamp": "2025-01-28T20:49:39.646297Z"}, {"uuid": "45aee08b-2d62-4052-8ae4-50553c07c392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13487", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhik3bo6ic2t", "content": "", "creation_timestamp": "2025-02-06T07:15:42.157419Z"}, {"uuid": "075aba2f-0da2-47cd-988c-aa9b83ba858c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114007668658448921", "content": "", "creation_timestamp": "2025-02-15T11:29:28.173786Z"}, {"uuid": "f727ab89-5ae9-4cdb-9d35-4aa98f6c87f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13485", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/114059630853315458", "content": "", "creation_timestamp": "2025-02-24T15:44:08.139269Z"}, {"uuid": "5ba1c489-5199-49ed-a89f-46c935ae99d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13489", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/114059631174460711", "content": "", "creation_timestamp": "2025-02-24T15:44:13.013125Z"}, {"uuid": "73b018f0-1b79-49b4-893c-bf2f6f19943b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/114059631478198325", "content": "", "creation_timestamp": "2025-02-24T15:44:17.542593Z"}, {"uuid": "238e8f3f-6f36-464e-9dfd-6753c43e29df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13489", "type": "seen", "source": "https://t.me/cvedetector/18434", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13489 - Old Dominion WordPress LTL Freight Quotes Plugin SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13489 \nPublished : Feb. 19, 2025, 10:15 a.m. | 2\u00a0hours, 8\u00a0minutes ago \nDescription : The LTL Freight Quotes \u2013 Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 4.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T13:43:40.000000Z"}, {"uuid": "7f1a11a7-2a39-47de-a4e2-a868a9d9c231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13483", "type": "seen", "source": "https://t.me/cvedetector/18442", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13483 - SAIA LTL Freight Quotes WordPress Plugin SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13483 \nPublished : Feb. 19, 2025, 12:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : The LTL Freight Quotes \u2013 SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 2.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T16:14:10.000000Z"}, {"uuid": "9df152b3-efb5-4bab-8f10-e66d3727027c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13481", "type": "seen", "source": "https://t.me/cvedetector/18441", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13481 - R+L Carriers WordPress Plugin SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13481 \nPublished : Feb. 19, 2025, 12:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : The LTL Freight Quotes \u2013 R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T16:14:09.000000Z"}, {"uuid": "59072da5-8808-4a32-b961-4849b91bf2de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13484", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3284", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13484\n\ud83d\udd25 CVSS Score: 8.3 (CVSS_V3)\n\ud83d\udd39 Description: A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied.\n\ud83d\udccf Published: 2025-01-28T18:31:28Z\n\ud83d\udccf Modified: 2025-01-28T20:40:01Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13484\n2. https://access.redhat.com/security/cve/CVE-2024-13484\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2269376\n4. https://github.com/argoproj/argo-cd", "creation_timestamp": "2025-01-28T21:09:42.000000Z"}, {"uuid": "f4ee5787-92f6-4cab-a72f-0f22db54223a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13480", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4080", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13480\n\ud83d\udd25 CVSS Score: 7.5 (CVSS_V3)\n\ud83d\udd39 Description: The LTL Freight Quotes \u2013 For Customers of FedEx Freight plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n\ud83d\udccf Published: 2025-02-12T12:30:48Z\n\ud83d\udccf Modified: 2025-02-12T12:30:48Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13480\n2. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3238359%40ltl-freight-quotes-fedex-freight-edition&new=3238359%40ltl-freight-quotes-fedex-freight-edition&sfp_email=&sfph_mail=\n3. https://www.wordfence.com/threat-intel/vulnerabilities/id/a9b6f7a3-83eb-4352-9db6-ab4b03241702?source=cve", "creation_timestamp": "2025-02-12T13:10:31.000000Z"}, {"uuid": "3d968787-10ec-4232-92aa-1ec0d5b774f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13484", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16508", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13484\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied.\n\ud83d\udccf Published: 2025-01-28T17:54:28.701Z\n\ud83d\udccf Modified: 2025-05-15T14:26:51.752Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-13484\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2269376", "creation_timestamp": "2025-05-15T14:35:06.000000Z"}, {"uuid": "a4c27f23-e66c-4f11-8667-c320892878dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13480", "type": "seen", "source": "https://t.me/cvedetector/17861", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13480 - FedEx Freight WordPress SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-13480 \nPublished : Feb. 12, 2025, 12:15 p.m. | 38\u00a0minutes ago \nDescription : The LTL Freight Quotes \u2013 For Customers of FedEx Freight plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T14:22:21.000000Z"}, {"uuid": "d0c24200-63ce-46e2-92cb-53e017ecdd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13487", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhiop5lcql2k", "content": "", "creation_timestamp": "2025-02-06T08:38:24.073364Z"}, {"uuid": "bbf32453-c46e-42c1-a578-78c5a1007c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13487", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113955642020617342", "content": "", "creation_timestamp": "2025-02-06T06:58:24.704993Z"}, {"uuid": "6badd094-b924-4cc4-9fba-0fc0b59574cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li7p2ilhx22t", "content": "", "creation_timestamp": "2025-02-15T12:15:58.366975Z"}, {"uuid": "c94ac258-54f1-4835-ae99-ddc184649064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li7yrmahkp2a", "content": "", "creation_timestamp": "2025-02-15T15:09:58.742784Z"}, {"uuid": "3a1c637e-99f6-49a9-aa78-7abc8e162b43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13481", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/114059628087750893", "content": "", "creation_timestamp": "2025-02-24T15:43:25.970351Z"}, {"uuid": "9254bc97-61ca-4eb8-91cb-79e6734c721d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13483", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/114059630046391796", "content": "", "creation_timestamp": "2025-02-24T15:43:55.811694Z"}, {"uuid": "ab00757c-6eec-40c9-a262-042c0153b6cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13487", "type": "seen", "source": "https://t.me/cvedetector/17370", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13487 - \"WooCommerce CURCY Arbitrary Shortcode Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13487 \nPublished : Feb. 6, 2025, 7:15 a.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : The The CURCY \u2013 Multi Currency for WooCommerce \u2013 The best free currency exchange plugin \u2013 Run smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution via the get_products_price() function in all versions up to, and including, 2.2.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T10:12:38.000000Z"}, {"uuid": "f053e20b-14a5-46cd-9f35-21ad2a804ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13485", "type": "seen", "source": "https://t.me/cvedetector/18435", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13485 - ABF Freight Quotes \u2013 WordPress SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-13485 \nPublished : Feb. 19, 2025, 12:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : The LTL Freight Quotes \u2013 ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T16:14:01.000000Z"}, {"uuid": "1eb28aa1-c4d5-4e03-bfd1-6172abca3760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13480", "type": "seen", "source": "Telegram/Xl6PLMRVBOJT1giBl4R3Mg1dVXBnSs41glBD4P0NVx7mLQL1", "content": "", "creation_timestamp": "2025-02-14T10:04:58.000000Z"}, {"uuid": "b2c4de74-5954-42a6-9337-54f375366541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "https://t.me/cvedetector/18172", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13488 - Estes LTL Freight Quotes WordPress SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-13488 \nPublished : Feb. 15, 2025, 12:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : The LTL Freight Quotes \u2013 Estes Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-15T15:12:01.000000Z"}, {"uuid": "d234bde9-6b61-4203-9a40-e0d3ed35a0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13488", "type": "seen", "source": "Telegram/sNjmIacX8dXMvLU3gblg0lC5Qz01PAeAHZEg-R_XYio1g56B", "content": "", "creation_timestamp": "2025-02-15T23:50:18.000000Z"}, {"uuid": "cede77d8-ccc9-464a-8f2f-0e8e46cbd7b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13489", "type": "seen", "source": "Telegram/TnQfLbxcjly3Ul9O-IGFILhYxPlQF33kvwvpE8tielK3QuvF", "content": "", "creation_timestamp": "2025-02-19T15:39:58.000000Z"}]}